Security Directory

L

LAIX (Luxembourg Architectes Ingénieurs-conseils eXport)

laix.lu

47

LAIX is a professional platform dedicated to showcasing architectural, engineering, and urbanism projects by Luxembourg architects and consulting engineers, primarily members of the Ordre des Architectes et Ingénieurs Conseils (OAI). The website serves as a promotional and informational hub for these professionals, highlighting their projects both within Luxembourg and internationally. The platform targets industry professionals, potential clients, and partners interested in Luxembourgish architectural and engineering expertise. Technically, the website is built on Drupal 8 CMS, incorporating modern web technologies such as JavaScript, CSS, and external services like Google Analytics and AddToAny for social sharing. The site is mobile-optimized and accessible, with a moderate performance profile. However, some SEO and privacy compliance aspects could be improved. From a security perspective, the site uses HTTPS and anonymizes IP addresses in Google Analytics, but lacks visible security headers and formal security or incident response policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a generally secure posture but with room for enhancement in security best practices and compliance documentation. Overall, the website is professional and trustworthy, with comprehensive project content and clear contact information. The absence of privacy and cookie policies, as well as security policies, represents compliance gaps that should be addressed to improve user trust and regulatory adherence.

W

Worldsoft

worldsoft-support.info

61

Worldsoft operates a professional support website dedicated to assisting users of its software products, including website creation tools, email management, and business suite applications. The site offers comprehensive documentation, a ticketing system for support requests, and multiple contact channels such as phone and email. The business targets its existing customer base and users seeking technical assistance, positioning itself as a reliable technology service provider in Switzerland. Technically, the website employs modern web technologies including JavaScript, CSS3, and integrates third-party services like Google Translate and Lordicon animations to enhance user experience. The site is mobile optimized and provides a clear navigation structure, although accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and cookie consent mechanisms indicates room for improvement. WHOIS data is privacy protected, which is typical for technology companies, and does not raise immediate concerns. Overall, the website is trustworthy, professional, and serves its support function effectively.

V

Venuu.com

venuu.com

64

Venuu.com operates as a multi-country online platform specializing in venue browsing and booking services, targeting event organizers and individuals seeking event spaces primarily in Spain, Denmark, Finland, Sweden, and international locations. The platform positions itself as a regional and international marketplace within the hospitality sector, leveraging a business model centered on connecting venue providers with customers through an online interface. The website content is basic but functional, with consistent branding and a clear focus on venue services.

V

Venuu

venuu.se

67

Venuu.se is a Swedish online marketplace specializing in event venue bookings, offering over 1900 venues for various event types including weddings, conferences, and parties. The platform targets event organizers and venue owners, providing a streamlined search and booking experience. The website is professionally designed, mobile-optimized, and supports multiple languages, reflecting a mature digital presence. Technically, the site leverages modern JavaScript frameworks, Ruby on Rails backend, and is hosted on AWS infrastructure, ensuring reliable performance and scalability. Security posture is solid with HTTPS enforced and privacy compliance mechanisms in place, though there is room for improvement in publishing explicit security policies and enhancing DNS security with DNSSEC. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

P

Panopto

panopto.com

68

Panopto is an enterprise-grade SaaS company specializing in AI-powered video tools designed to enhance knowledge sharing across teams and educational campuses. Their platform enables secure video creation, sharing, and management, targeting businesses and educational institutions. The website reflects a mature digital presence with comprehensive content, strong branding, and integration of advanced marketing and analytics technologies. The company positions itself as a leader in video knowledge management solutions with a focus on AI enhancements. Technically, the website is built on WordPress with modern SEO practices, including structured data and responsive design. It integrates multiple marketing and analytics tools such as Marketo, Google Tag Manager, and Visual Website Optimizer, indicating a sophisticated approach to user engagement and conversion tracking. Performance and accessibility are good, supporting a positive user experience across devices. From a security perspective, the site enforces HTTPS and implements key security headers, demonstrating adherence to best practices. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The absence of WHOIS registration data reduces transparency but does not detract significantly from the overall trustworthiness given the professional site presentation. Overall, Panopto's website is a well-executed digital asset supporting its business objectives, with strong content quality and technical implementation. Strategic enhancements in security transparency and domain registration disclosure would further strengthen trust and compliance posture.

P

Panopto

panopto.eu

67

Panopto operates as a leading AI-powered video learning platform targeting educational institutions and enterprises. The company provides a comprehensive suite of video creation, management, and analytics tools designed to enhance knowledge sharing and training effectiveness. Their market position is strong, supported by a large user base and reputable customer logos. Technically, the website is built on WordPress with modern SEO and analytics integrations, delivering a professional and responsive user experience. Security posture is robust with HTTPS and security best practices observed, though explicit security policies and incident response contacts are not publicly visible. The absence of WHOIS data is a notable anomaly, potentially indicating privacy protection or a registry issue, which slightly impacts trust assessment. Overall, the website is professional, secure, and business credible, with room for improvement in privacy transparency and contact information availability.

S

Stance

hannatuominen.fi

45

The website www.hannatuominen.fi represents a Finnish small business named Stance, operated by Hanna Tuominen, offering personal and corporate leadership coaching and development services. The business has a clear niche in leadership and management coaching, leveraging frameworks such as LMI and DISC. The website is professionally designed using WordPress with modern technologies including Bootstrap and Google reCAPTCHA, providing a good user experience and mobile optimization. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is solid with HTTPS and form protections, but could be improved by adding security headers and a vulnerability disclosure policy. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and well-positioned in its market segment.

D

Domik.ua

domik.ua

60

Domik.ua is a well-established Ukrainian real estate portal founded in 2001, offering comprehensive services including property sales, rentals, new construction projects, real estate news, and community forums. The platform targets Ukrainian real estate buyers, renters, developers, and investors, positioning itself as a leading marketplace and information source in the Ukrainian real estate sector. The website features a professional design with good content quality and consistent branding, supporting a positive user experience and trustworthiness. Technically, the site leverages modern technologies such as React, integrates analytics tools like Google Analytics and Facebook Pixel, and enforces HTTPS with appropriate security headers, reflecting a mature digital infrastructure. However, the absence of a cookie consent mechanism and dedicated security or incident response policies indicates gaps in privacy compliance and security transparency. Overall, Domik.ua demonstrates a solid security posture with room for improvement in privacy and incident response disclosures. Strategic recommendations include implementing GDPR-compliant cookie consent, publishing security policies, enhancing accessibility, and maintaining vigilance on third-party scripts to sustain trust and compliance.

J

Jyväskylä Sinfonia

jyvaskylasinfonia.fi

67

Jyväskylä Sinfonia is a regional cultural institution based in Finland, specializing in classical music performances and symphony orchestra events. The website serves as a platform to promote their concerts and cultural activities, targeting a general audience interested in classical music and cultural events. The organization holds a strong market position as a key cultural player in Central Finland, offering a variety of music-related services and events. Technically, the site is built on Drupal 10, leveraging modern web technologies and includes structured data for enhanced SEO and user engagement. The site is mobile-optimized and implements GDPR-compliant cookie consent mechanisms, reflecting a mature digital presence. Security posture is good with HTTPS enforced and standard security headers likely in place, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in accessibility and explicit security documentation.

F

FRS Systems GmbH

frs-systems.de

64

FRS Systems GmbH is a German company specializing in highly flexible ticketing software solutions tailored for the ferry and passenger vessel industry. Their flagship product, flexWays, offers comprehensive features including sales and distribution, booking management, inventory control, route planning, capacity management, and boarding administration. The company positions itself as an innovative and reliable software provider with a medium-sized workforce and a history dating back to 1992. The website is professionally designed, mobile-optimized, and provides clear contact information, enhancing its credibility. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as JavaScript, CSS, and SVG graphics. Hosting and DNS services are managed via Cloudflare, providing robust SSL encryption and potential security benefits. The site demonstrates good performance and accessibility standards, although no advanced analytics or tracking scripts were detected in the provided content. From a security perspective, the website enforces HTTPS and benefits from Cloudflare's DNS services, but lacks visible security headers and explicit security policies. There is no cookie consent mechanism or terms of service present, which are important for GDPR compliance and legal clarity. Incident response contacts and vulnerability disclosure information are also absent, representing areas for improvement. Overall, the website is trustworthy and professional, with a strong business focus and solid technical foundation. However, enhancements in privacy compliance, security policy transparency, and incident response readiness would further strengthen its security posture and regulatory adherence.

F

FRS Syltfähre GmbH & Co. KG

frs-syltfaehre.de

67

FRS Syltfähre GmbH & Co. KG is a well-established regional ferry operator providing car and passenger ferry services between Havneby on Rømø and List on Sylt. The company operates up to 32 daily departures, catering primarily to tourists and travelers seeking reliable and comfortable transportation across the North Sea. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service information including booking, schedules, fares, and travel tips. The company is part of the larger FRS group, indicating a stable market position and operational backing. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating analytics tools such as Microsoft Clarity, Google Tag Manager, and Hotjar for user behavior insights. Hosting and DNS are managed via Cloudflare, enhancing performance and security. Accessibility features and SEO best practices are well implemented, contributing to a positive user experience across devices. From a security perspective, the site enforces HTTPS and uses reputable third-party services, with no evident vulnerabilities or exposed sensitive data. Privacy and cookie policies are clearly presented with consent mechanisms, aligning with GDPR requirements. However, explicit security headers and incident response policies are not prominently disclosed, representing an area for improvement. Overall, the website demonstrates a strong security posture, good privacy compliance, and solid business credibility. The risk level is low, with recommendations focusing on enhancing security header implementation, publishing incident response information, and maintaining vigilance on third-party scripts.

O

Opiferum Oy

opiferum.com

69

Opiferum Oy is a Finnish technology company specializing in creating modern, user-friendly websites, e-commerce platforms, and intranet solutions tailored to business needs. With over 20 years of experience, they position themselves as a trusted local provider in Hämeenlinna, focusing on clear communication and customer-centric services. Their offerings include website development, online stores, additional services like email hosting and SEO, and ongoing support and training. Technically, the website employs modern frameworks such as Bootstrap, integrates with Google Analytics and Tawk.to for analytics and customer engagement, and uses Cookiebot for GDPR-compliant cookie management. The site is hosted on AWS Cloudfront CDN, ensuring reliable performance and availability. Security-wise, the site enforces HTTPS, uses standard security headers, and provides a comprehensive cookie consent mechanism, though it lacks explicit security policy and incident response disclosures. Overall, the website is professional, well-structured, and compliant with privacy regulations, reflecting a mature digital presence suitable for its business scope.

S

Sociedade Portuguesa de Naturalogia | Naturismo | Lisboa, Portugal

spnaturalogia.pt

54

The website www.spnaturalogia.pt appears to be a small business site hosted on the Wix platform, likely related to natural products or services given the domain name. However, the actual business content is minimal or missing in the provided HTML snippet, with no clear company name, description, or contact information visible. The site uses standard Wix scripts and polyfills, indicating a basic technical infrastructure without advanced frameworks or custom technologies. Security posture is weak due to lack of visible security headers, privacy policies, or incident response information. No forms or data collection mechanisms were detected, reducing immediate privacy concerns but also indicating limited user engagement features. Overall, the site is accessible without WAF or blocking mechanisms but lacks essential compliance and trust elements, resulting in a low to moderate risk profile.

C

Centro Vegetariano - Associação APV

centrovegetariano.org

43

Centro Vegetariano - Associação APV is a Portuguese non-profit organization dedicated to promoting vegetarianism and veganism through educational content, community engagement, and resource provision. The website serves as a reference point for vegetarian and vegan communities in Portugal, offering articles, recipes, directories, and nutritional tools. With a claimed history of 23 years, it holds a respected position in its niche market. Technically, the website is built with basic HTML, CSS, and JavaScript without advanced frameworks or CMS, resulting in moderate performance and basic mobile optimization. Security posture is average, lacking modern security headers and explicit HTTPS confirmation. Privacy and cookie policies are absent, which impacts compliance and trust. Overall, the site is safe, content-rich, and moderately credible but would benefit from enhanced security and privacy measures.

The website at vegebg.org/lander is currently a minimal placeholder or parking page with very limited content. It primarily serves ads via Google AdSense and lacks any substantive business information, contact details, or policies. The domain is registered since 2006 with privacy protection, indicating a long-standing registration but minimal active use. The technical infrastructure includes JavaScript and static assets hosted on wsimg.com, but no CMS or advanced frameworks are detected. Security posture is weak due to lack of visible security headers and no DNSSEC enabled. Overall, the site does not provide sufficient information to assess business credibility or compliance.

The website www.belgiantrain.be represents NMBS, the Belgian national railway company providing train transportation services. The site is positioned as a national public transportation portal targeting general train travelers in Belgium. However, the current accessible content is blocked by a Cloudflare Turnstile CAPTCHA challenge, preventing direct content access and limiting detailed analysis. The website uses modern security mechanisms like CAPTCHA to prevent automated access, indicating a focus on security, but lacks visible privacy and cookie policies on the landing page. The WHOIS data is not publicly available due to domain registration policies, which is typical for .be domains and large organizations. Overall, the business is a large enterprise in the transportation sector with consistent branding but limited accessible content for deeper evaluation.

B

BizBudding Inc.

bizbudding.info

64

BizBudding Inc. operates the website bizbudding.info, which hosts a Matomo analytics platform login page. The site is primarily intended for administrators or users of the Matomo analytics service, providing access to web analytics data. The business appears to be a small technology entity founded in 2019, focused on providing or managing analytics services. The website content is minimal, centered on login functionality, with no public-facing business descriptions or marketing content. The technical infrastructure leverages Matomo analytics software, hosted behind Cloudflare, with HTTPS enabled but lacking DNSSEC and visible security headers. Privacy and cookie policies are absent, indicating limited compliance transparency. Security posture is moderate with room for improvement in headers and policy disclosures. Overall, the site is functional but basic in design and content, with moderate trustworthiness based on WHOIS data consistency.

The website www.zlatyerb.cz serves as the official platform for the Zlatý erb competition, a long-standing Czech national contest recognizing the best municipal web portals. The site provides detailed information about the competition, including news updates, results, partner acknowledgments, and resources for municipalities. The target audience primarily consists of local governments and public administration entities seeking to improve their web presence. The business model is non-profit and focused on promoting digital excellence in municipal websites. The site is supported by multiple partners and sponsors, indicating a well-established position in its niche.

K

Komwag, podnik čistoty a údržby města, a.s.

komwag.cz

50

Komwag, podnik čistoty a údržby města, a.s., is a large Czech company providing comprehensive municipal services across the Czech Republic, including waste management, green maintenance, and cleaning services primarily targeting municipalities, government bodies, and private sector clients. The company positions itself as a reliable and professional service provider with a broad portfolio and a strong local presence. The website reflects a mature digital presence with clear branding, extensive service descriptions, and accessible contact information. Technically, the site uses modern web technologies including the cPilot CMS, UIkit framework, and integrates Google Tag Manager for analytics. It is well optimized for mobile devices and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data, but lacks explicit security policies or incident response contacts. The absence of WHOIS data limits domain trust assessment, but the professional website and contact details support legitimacy. Overall, the site is secure, compliant with privacy regulations, and professionally maintained, though improvements in security transparency and WHOIS data availability are recommended.

Kryt Folimanka is a public underground shelter located in Prague 2, serving as the largest shelter in the district with capacity for 1300 people. The website provides information about the shelter, public tours, and related tourist services. The site is maintained by a government or municipal entity, indicated by the nature of the content and sector classification. Technically, the website uses a traditional web stack including Bootstrap, jQuery, and Google Analytics, hosted by Wedos. The site is accessible, uses HTTPS, and has moderate performance and mobile optimization. However, it lacks critical privacy and cookie policies, and no contact information is provided, which impacts compliance and user trust. Security posture is adequate with HTTPS but missing security headers and formal policies. Overall, the site is functional and informative but could improve in privacy compliance and security best practices.

K

Komwag, podnik čistoty a údržby města, a.s.

2protigraffiti.cz

50

The website 2protigraffiti.cz represents a public service initiative managed by Komwag, a municipal cleaning and maintenance company, focused on graffiti removal in Prague 2. The project has been active since 2010 and serves both private and public property owners, providing anti-graffiti treatments and ongoing maintenance. The site is well-structured, professionally designed, and provides clear contact information and partnership links, reflecting a strong local government collaboration. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and the cPilot CMS platform, with UIkit framework for UI components. It uses Google Tag Manager for analytics and has implemented service workers for progressive web app capabilities. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured content. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the website's public service nature. Overall, the website presents a low-risk profile with a solid business credibility and technical foundation. Strategic enhancements in security policy transparency and incident response readiness would further strengthen its posture.

C

Centrum sociálních služeb Praha 2

cssp2.cz

48

Centrum sociálních služeb Praha 2 is a Czech Republic-based public social services organization founded in 2002 by the Prague 2 municipal district. It provides a broad range of social and healthcare services targeted at seniors, disabled individuals, chronically ill patients, caregivers, and families with children. The organization operates locally with a medium-sized footprint and offers services including home care, health care, day centers, and residential facilities. The website reflects a professional and consistent brand presence with clear navigation and relevant content for its audience. Technically, the site uses a proprietary CMS (VismoWeb5), modern web standards, and is hosted under a Czech registrar and hosting provider, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is basic with cookie and accessibility statements but no explicit consent mechanism. WHOIS data confirms the domain's legitimacy and long-term operation, matching the organization's history. Overall, the website is trustworthy, safe, and well-suited for its public service mission.

S

Správa nemovitostí Praha 2, a. s.

snp2.cz

57

Správa nemovitostí Praha 2, a. s. is a municipal property management company serving the Prague 2 district. The website provides official information about the company, its services, projects, public notices, and contact details targeting residents, property owners, and tenants within the district. The business operates in the real estate and government sectors, focusing on property management and tenant services. The domain age and registration details align well with the company's founding date, supporting legitimacy. Technically, the website uses a standard HTML5 structure with CSS and JavaScript, powered by the Vismo CMS platform common in Czech municipal websites. It includes modern fonts and a Google Translate widget for accessibility. The site is hosted by a Czech registrar and hosting provider, Active24, with proper HTTPS configuration. Mobile optimization and accessibility are good, though SEO is basic. Security posture is moderate with HTTPS enforced and no exposed sensitive data. However, the site lacks advanced security headers and explicit security or incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Contact information is clear and professional, enhancing business credibility. Overall, the website is trustworthy and professional, suitable for its municipal audience. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance its security and compliance posture.

AB Klaipėdos vanduo is a Lithuanian regional water utility company providing water supply and wastewater management services primarily in the Klaipėda region. The company serves both residential and business customers, offering services such as water supply, wastewater treatment, water quality testing, and remote metering. The website is professionally designed with clear navigation and relevant content targeting local customers. Technically, the site uses modern web technologies including HTTPS, JavaScript libraries like ApexCharts, and integrates Facebook Pixel and Google reCAPTCHA for marketing and security purposes. Security posture is good with HTTPS enforced and anti-CSRF tokens on forms, though some security headers could be improved and explicit security policies are not published. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. WHOIS data is unavailable, limiting domain trust verification, but the website content and company information appear legitimate and consistent. Overall, the site demonstrates a mature digital presence suitable for a regional utility provider.

T

Tele2

tele2.com

72

Tele2 is a prominent telecommunications company focused on providing smart connectivity solutions and enabling business transformation through advanced infrastructure. The website reflects a professional and modern digital presence with responsive design and accessibility features. The technical infrastructure includes standard web technologies and integration with Google Tag Manager for analytics and OneTrust for cookie consent management. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and explicit security policies. The absence of WHOIS data is a notable gap, slightly impacting trustworthiness. Overall, the site is functional and professional but could improve transparency and security disclosures.

The website www.rietumu.com is currently inaccessible due to a Cloudflare Turnstile security challenge that blocks direct access to its content. The WHOIS query for the domain returned no match, indicating the domain may not be registered or WHOIS data is unavailable. Consequently, no business, contact, or policy information could be extracted or verified. The technical infrastructure is limited to Cloudflare's security mechanisms with no visible CMS or additional technologies. Security posture cannot be assessed due to lack of accessible content and absence of security headers or SSL details. Overall, the site presents a high risk due to inaccessibility and lack of transparency, preventing meaningful analysis or trust evaluation.

J

Jyväskylän Vuokra-Asunnot - JVA

jva.fi

69

Jyväskylän Vuokra-Asunnot (JVA) is a Finnish rental housing service provider focused on the Jyväskylä region. The website presents a professional and consistent brand image, offering rental housing services primarily to local residents. The business model is centered on public housing rental management, targeting tenants in the Jyväskylä area. The site uses Drupal 10 CMS and integrates modern web technologies including JavaScript and Cloudflare for performance and security. Cookie consent and privacy compliance are well implemented, reflecting GDPR adherence. Security posture is solid with HTTPS and security headers in place, though explicit security and incident response policies are not publicly found. Overall, the website is safe, well-structured, and trustworthy, with moderate user tracking for analytics and marketing purposes.

S

Suomen käsityön museo

craftmuseum.fi

65

The website www.craftmuseum.fi represents the Finnish Handicraft Museum, a cultural institution dedicated to showcasing traditional and contemporary handicrafts, including Finnish national costumes. The site targets a general audience including families and cultural enthusiasts, providing exhibition information and educational content. Technically, the site is built on Drupal 10, uses Cloudflare for hosting and security, and integrates a comprehensive GDPR-compliant cookie consent mechanism. The site demonstrates good SEO practices and mobile optimization, although contact information and legal pages like terms of service are limited or absent. Security posture is solid with HTTPS and security headers, but lacks explicit security policy and vulnerability disclosure details. Overall, the domain registration aligns well with the museum's identity, indicating legitimacy and trustworthiness.

J

Jyväskylän seutu

jyvaskylanseutu.fi

66

Jyväskylänseutu.fi is a regional government website serving the Jyväskylä area in Finland, providing residents and visitors with local news, events, and community services. The website is built on Drupal 10, indicating a modern and maintainable technical infrastructure. It employs reputable third-party services for analytics and cookie consent management, ensuring compliance with GDPR and enhancing user privacy. The site demonstrates good mobile optimization and accessibility, contributing to a positive user experience. Security posture is strong with HTTPS enforced and appropriate cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the website is trustworthy and professionally maintained, suitable for its public sector role.

E

ESpanix

espanix.net

69

ESpanix operates as a leading internet exchange point and connectivity hub in Southern Europe, primarily serving Spain and the Iberian Peninsula. The company offers a range of services including IP transit, datacenter hosting, bespoke connectivity solutions, and a high-precision time synchronization service. With over 25 years of experience, ESpanix positions itself as a critical infrastructure provider facilitating secure, low-latency interconnections for telecommunications and network operators. Technically, the website demonstrates a modern and professional design with good mobile optimization and basic accessibility features. The technology stack is standard web technologies with no detected CMS or advanced frameworks. Performance is moderate, and SEO is basic but adequate for the business domain. The site uses HTTPS with integrity checks on resources, but lacks some security headers and cookie consent mechanisms. From a security perspective, ESpanix shows strong compliance with recognized frameworks such as ISO 9001 and the Spanish National Security Scheme (ENS), aligned with the European NIS2 directive. Certifications like WELL, LEED, and WiredScore Platinum further reinforce their commitment to quality and security. However, the absence of WHOIS data for the domain raises questions about domain registration transparency. No incident response contacts or vulnerability disclosure policies are publicly available, which could be improved. Overall, the website and business present a trustworthy and professional image with solid security and compliance posture. The main risks relate to domain registration opacity and minor gaps in privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response information, and implementing cookie consent to improve regulatory compliance and user trust.

C

CircleOne

vagabondfactory.com

63

CircleOne is a Finnish digital consulting and development company specializing in creating tailored web experiences, including websites, e-commerce solutions, web applications, and maintenance services. The company targets businesses and organizations in Finland seeking quality digital solutions to support their business goals. Their market position is that of a niche local provider with a focus on modern technologies and client satisfaction, as evidenced by their client references and professional presentation. Technically, the website is built using modern frameworks such as Astro and hosted on Vercel, ensuring fast performance and mobile optimization. The use of Vercel Analytics indicates some level of user tracking, although no cookie consent mechanism is present. Security-wise, the site enforces HTTPS and provides a PGP public key for secure email communication, but lacks explicit security headers and published security policies. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in privacy compliance and security transparency.

V

Venuu Oy

venuu.fi

62

Venuu Oy operates Venuu.fi, Finland's largest and most popular online platform for booking event venues, catering, and related event services. Established in 2013, the company offers over 6500 venues for various occasions including meetings, weddings, parties, and sauna evenings. The platform targets event organizers and venue owners, providing a marketplace that simplifies venue discovery and booking. The website demonstrates a mature market position with strong brand recognition and partnerships with major Finnish companies. Technically, the site is built on a modern Rails framework with integration of analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Segment Analytics. Hosting is managed via AWS infrastructure, ensuring reliable performance and scalability. Security posture is solid with HTTPS enforced and CSRF protections in place, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, user-friendly, and trustworthy, supporting a medium-sized business in the hospitality sector.

P

ProAgria

proagria.fi

58

ProAgria is a Finnish company specializing in expert services and knowledge to enhance the competitiveness of agriculture and rural business operations. The company offers a broad range of services including management, finance, accounting, crop production, animal production, and sustainable development. Positioned as a leading service provider in Finland's agricultural sector, ProAgria targets farms and rural enterprises seeking professional consulting and development support. The website reflects a mature digital presence with a modern CMS (Craft CMS), responsive design, and structured data for SEO. The technical infrastructure includes modern JavaScript frameworks and delayed Google Tag Manager loading to optimize performance. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit cookie consent mechanisms and published security policies are absent. Overall, the site is professional, trustworthy, and well-aligned with the business's market position and audience.

W

Worldsoft AG

worldsoft-partner.website

60

Worldsoft-Partner.website is a German-language franchise platform operated by Worldsoft AG, a Swiss company established in 2000. The website offers a turnkey business concept for individuals and entrepreneurs to start their own internet agency, leveraging Worldsoft's 20+ years of experience and a large customer base. The business model focuses on creating mobile-optimized websites quickly using proprietary tools, supported by online training, marketing materials, and personal coaching. Technically, the site uses a modern JavaScript stack with multiple analytics and marketing integrations, including Google Analytics, Facebook Pixel, LinkedIn Insight, Hotjar, and Elfsight widgets. The website is mobile-optimized and well-structured, providing a professional user experience. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and visible security headers. Privacy compliance is partially met with a privacy policy linked externally but lacks a cookie consent mechanism. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

C

cropmark.

cropmark.com

55

Cropmark is a well-established full-service creative studio operating primarily in Luxembourg and Brussels, offering a broad range of branding, corporate design, editorial design, web design, development, SEO, and strategic communication services. The company targets businesses and organizations seeking professional creative solutions, leveraging over 20 years of industry experience. The website reflects a professional and consistent brand image with rich content and clear navigation, supporting its market position as a trusted creative agency in its region. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics tools such as Google Analytics and Matomo. It uses HTTPS for secure communications and content delivery networks for optimized image serving. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured data. However, there is no detected CMS or hosting provider information. From a security perspective, the site benefits from HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. The absence of WHOIS registration data for the domain is a notable concern, although the website content and contact information support legitimacy. Overall, Cropmark's website is professional and trustworthy, but improvements in privacy compliance and domain registration transparency are recommended to enhance security posture and regulatory adherence.

L

Luxinnovation

luxinnovation.lu

79

Luxinnovation is Luxembourg's national innovation agency dedicated to empowering companies to innovate and fostering a sustainable and digital economy. The website reflects a mature digital presence with comprehensive content targeting startups, businesses, and research organizations. The technical infrastructure leverages modern web technologies, including Tailwind CSS, Alpine.js, Kentico CMS, and integrates multiple analytics and marketing tools such as Matomo, Google Tag Manager, Facebook Pixel, and LinkedIn Insight. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is partial, with cookie consent implemented but lacking a visible privacy policy or terms of service. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

C

Cloudpermit Oy

lupapiste.fi

65

Lupapiste, operated by Cloudpermit Oy, is a Finnish government-related online platform providing comprehensive services for construction permits and related permit acquisition processes. The platform targets Finnish residents and businesses involved in construction, offering a streamlined digital service including permit applications and an e-commerce store for permit documents. The website integrates official Finnish identity verification via Suomi.fi, enhancing trust and security for users. Technically, the website employs standard modern web technologies including HTML5, CSS3, and JavaScript, with a third-party LeadDesk chat widget for customer support. The site is mobile-optimized and presents a professional design with clear navigation. However, some technical improvements are needed, such as fixing the anti-CSRF token implementation and adding security headers to strengthen the security posture. Security-wise, the site enforces HTTPS and uses strong authentication mechanisms but lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance. No critical vulnerabilities were detected, but the placeholder anti-CSRF token suggests a potential security misconfiguration. Overall, the security posture is moderate but can be improved with targeted measures. The overall risk assessment is low, with the website appearing legitimate, trustworthy, and professionally maintained. Strategic recommendations include fixing security token implementation, enhancing privacy compliance with cookie consent, and publishing explicit security and incident response policies to improve transparency and user trust.

L

Etusivu | Liedon Lämpö

liedonlampo.fi

54

Liedon Lämpö appears to be a small Finnish company operating in the energy sector, likely providing heating-related services or products. The website is built on the Wix platform and uses Wix's Thunderbolt framework and standard JavaScript libraries. The site content is minimal, lacking detailed business descriptions, contact information, or compliance documentation. Technically, the site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS and some JavaScript hardening but missing important security headers and explicit privacy or cookie policies. Overall, the site presents a moderate risk profile due to limited transparency and compliance information.

G

Grade Solutions Oy

kuntarekry.fi

62

Kuntarekry.fi is a Finnish job portal specializing in open municipal sector job listings across Finland. Operated by Grade Solutions Oy, the platform offers thousands of job opportunities and facilitates job application submissions for Finnish job seekers. The website is professionally designed with good SEO and mobile optimization, targeting a national audience interested in municipal employment. Technically, the site uses standard web technologies including HTML5, CSS3, and JavaScript, with integrations to Google APIs for performance and resource loading. Security posture is adequate with HTTPS enabled and Google site verification present; however, the absence of security headers and privacy policies indicates room for improvement in compliance and security best practices. Overall, the domain registration is consistent and trustworthy, matching the business entity and country. The site is safe for general audiences with no adult or explicit content detected.

T

TSC

tsc.lv

61

TSC is a Latvian-based service provider specializing in the repair of mobile phones, tablets, smartwatches, laptops, electric scooters, and audio equipment. The company targets general consumers in Latvia seeking device repair services. The website is professionally designed with consistent branding and provides clear information about its services, primarily in Latvian. The business operates in the technology sector with a small company size and a local market focus. Technically, the website employs modern technologies including Bootstrap for responsive design, Google Tag Manager for analytics, and Cookiebot for cookie consent management. The site uses HTTPS with good SSL configuration and includes security headers, indicating a solid technical foundation. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the website demonstrates good practices such as enforced HTTPS, cookie consent mechanisms, and no visible exposure of sensitive data. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website presents a trustworthy and professional online presence with moderate technical maturity and good privacy compliance. Strategic improvements could focus on enhancing accessibility, publishing security policies, and adding incident response information to strengthen security posture and user trust.

H

HESTIA

hest.cz

45

HESTIA is a Czech non-profit organization established in 2001, specializing in volunteer services, coordination, and educational programs. The website presents a well-structured platform offering multiple volunteer programs, corporate volunteering initiatives, and training courses. It targets volunteers, non-profit organizations, companies interested in corporate social responsibility, donors, and media. The organization maintains partnerships with government bodies and foundations, enhancing its credibility and market position within the Czech Republic's volunteer sector. Technically, the website uses a custom CMS (Toolkit) hosted by ECN Studio, with integration of Google Analytics and Google Tag Manager for visitor tracking. The site is mobile-optimized with good navigation and content quality. However, some technical improvements are recommended, including the implementation of security headers and enhanced accessibility features. From a security perspective, the site uses HTTPS (implied by external Google Analytics scripts loaded over HTTPS), has a cookie consent mechanism compliant with GDPR, and does not expose sensitive data. There is no visible security or incident response policy, and no contact emails or phone numbers are provided on the homepage, which could be improved for transparency and user trust. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and providing clearer contact information to improve user confidence and compliance posture.

A

AI • DESIGN

aidesign.cz

57

AI • DESIGN is a small architectural design firm based in the Czech Republic, specializing in residential, interior, staircase, public, and private building projects. The website is professionally designed using the Squarespace platform, featuring clear navigation and good mobile optimization. The firm highlights significant projects such as the new Žižkov Center and a cultural and congress center in Zlín, indicating active engagement in notable architectural developments. Technically, the site employs modern web technologies and enforces HTTPS with HSTS, reflecting a good security baseline. However, the absence of visible privacy policies, cookie consent mechanisms, and contact information limits compliance and transparency. The WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses but reduces domain trust verification. Overall, the website presents a professional image with moderate trustworthiness but would benefit from enhanced privacy and compliance disclosures.

C

Czech Repubrick

czechrepubrick.cz

55

Czech Repubrick is a small retail and educational business focused on Lego products, exhibitions, and educational programs for schools and companies. The website is built on the Wix platform, featuring a professional design and moderate technical maturity. It uses standard web technologies including JavaScript, jQuery, Google Analytics, and Poptin for marketing and analytics. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published privacy policies. The absence of WHOIS registrant data reduces transparency and trustworthiness. Overall, the website is accessible and content is family-friendly, targeting Lego enthusiasts and educational institutions.

C

CANS Global

cans.com

62

CANS Global is a small Czech Republic-based e-commerce company specializing in natural sparkling alpine water with real fruit juice. The company emphasizes purity and natural ingredients, targeting general consumers interested in healthy beverage options. The website is built on the Shopify platform, leveraging modern web technologies and analytics tools such as Google Analytics and Microsoft Clarity. The site is well-designed, mobile-optimized, and provides a good user experience, although it lacks some standard compliance documents such as privacy policy and terms of service. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and publishing security policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

E

ekolo.cz s.r.o.

ekolo.cz

47

Ekolo.cz s.r.o. operates a leading Czech e-commerce and physical retail platform specializing in electric bicycles and related accessories. Established in 2007, the company has built a strong market position with over 18 years of experience, offering a wide range of products including over 700 e-bike variants from 16 manufacturers. Their services include sales, rental, and servicing of e-bikes, targeting cycling enthusiasts and urban commuters primarily in the Czech Republic. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive product information. Technically, the site leverages modern JavaScript libraries such as Swiper.js, Google Tag Manager, and integrates security features like Google reCAPTCHA to protect user interactions. Hosting is inferred to be on DigitalOcean with CDN support for performance. Security posture is strong with HTTPS enforced and secure form handling, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. Contact information is transparent and includes multiple channels. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

B

Business Finland

businessfinland.fi

68

Business Finland is a Finnish government agency dedicated to fostering growth by supporting Finnish companies in internationalization and innovation funding. The website serves as an authoritative portal for Finnish businesses seeking funding and international growth opportunities. It reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. The technical infrastructure leverages modern technologies including Azure hosting, Google Tag Manager, and Cookiebot for consent management, indicating a well-maintained and secure platform. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not prominently published. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for a government entity.

Helsingin seurakuntayhtymä operates as a major religious and community service organization in Helsinki, Finland, providing a range of social and religious services to local residents and church members. The organization is well-established, with a domain registered since 2003, reflecting a stable presence in the community. The website serves as an informational and service portal, primarily in Finnish, targeting local audiences with clear contact and policy information. Technically, the website employs a modern but somewhat dated technology stack including Bootstrap 3 and standard web technologies like HTML5, CSS3, and JavaScript. Hosting and domain services are provided by Elisa Oyj, a reputable Finnish telecom provider. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the website enforces HTTPS and includes standard security headers, though DNSSEC is not implemented. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. However, explicit security policies and incident response contacts are not published. Overall, the website demonstrates a solid security posture and business credibility appropriate for a public non-profit organization. Strategic recommendations include implementing DNSSEC, publishing a vulnerability disclosure or security.txt file, enhancing accessibility, and maintaining regular security audits to ensure ongoing compliance and protection.

Yahoo is a major global internet brand operating a portfolio of websites and applications including Yahoo, AOL, Engadget, Rivals, In The Know, and Makers. The analyzed page is a Finnish language consent management interface for GDPR compliance, allowing users to accept or reject cookies and manage privacy settings. The business model centers on advertising and content delivery, targeting general internet users with a broad range of digital services. The website demonstrates consistent branding and good content quality aligned with Yahoo's corporate identity. Technically, the site uses standard web technologies including JavaScript and CSS, with some proprietary Yahoo libraries such as YAHOO.i13n.Rapid for analytics. The page is moderately optimized for performance and mobile devices, though accessibility and SEO could be improved. Security measures include CSRF tokens in forms, but no explicit security headers were detected in the provided data. The SSL configuration could not be assessed from the data but is expected to be standard for Yahoo domains. From a security and compliance perspective, the site shows good GDPR compliance with clear privacy and cookie policies linked, and a consent mechanism implemented. No contact or incident response information was found on this page, which is typical for a consent layer. The domain WHOIS data for the subdomain is not separately registered, which is normal for subdomains under a large corporate domain. Overall, the site is trustworthy and safe, with no adult or malicious content detected. Strategically, Yahoo should enhance security headers and accessibility features, improve SEO metadata, and consider publishing clear security and incident response policies linked from consent pages to strengthen trust and compliance posture.

D

DRUŠTVO CRVENOG KRIŽA ZAGREBAČKE ŽUPANIJE

dck-zagrebacka-zupanija.hr

45

The website represents the Croatian Red Cross Society of Zagreb County, a regional non-profit organization dedicated to humanitarian aid, blood donation, and volunteering. It serves the general public in Zagreb County and provides information and services aligned with the Red Cross mission. The site is built on a WordPress platform using modern themes and plugins, including Elementor and Modern Events Calendar Lite, indicating a moderate level of digital maturity. Accessibility features and GDPR-compliant cookie consent mechanisms are implemented, reflecting attention to user experience and privacy. Security posture is good with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Overall, the site is trustworthy and professionally maintained, with clear branding and consistent content.

S

SNCB-NMBS International

b-europe.com

62

SNCB-NMBS International operates a professional online platform for booking international train travel across Europe, including services for Eurostar, TGV INOUI, ICE, and other major train operators. The website targets European travelers seeking convenient ticket purchasing and travel planning, offering additional services such as Interrail passes and special tickets for bikes and dogs. The platform is built on a modern technology stack including C#, JavaScript, and Sitecore CMS, with integration of Google and Facebook APIs and a robust consent management system for GDPR compliance. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are lacking. The absence of WHOIS domain registration data is a notable concern, potentially indicating a subdomain usage or incomplete WHOIS information. Overall, the website presents a trustworthy and user-friendly experience for its target audience, but would benefit from enhanced transparency in domain registration and security disclosures.